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DETAILED ACTION 

• Applicant's request for RCE filed on 4/28/201 1 has been entered. Applicant has 
amended claims 1, 6, 10, 16, 26, and 29-31. Currently claims 1-22 and 26-34 are 
pending in this application. 

Response to Arguments 

Applicant's arguments with respect to claims 1, 6, 10, 16, 26, 29, 30 and 31 have 
been considered but are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC §103 

1 . The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-5 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Baltzlev (US 6.292.895 B1 ). hereinafter "Baltzlev" in view of Anqelo et al. (US 
5.923.754). hereinafter. "Anqelo". and Batten-Carew et al. (US 6.603.857 BP. 
hereinafter "Batten-Carew" and further in view of Narasimhalu et al. (US 5,499,298), 
hereinafter, "Narasimhalu". 

Regarding Claim 1, Baltzley discloses a file security system for restricting access 
to electronic files, said file security system comprising: 
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a key store configured to store a plurality of cryptographic key pairs, wherein the 
cryptographic key pairs include a respective public key and a respective private key 
(see, Fig. 2, Numerals 320, and 325). 

an access manager (see Fig. 3, Numeral 220), configured to operatively connect 
to said key store, configured to determine whether the private key of at least one of the 
cryptographic key pairs is permitted to be provided to a requester (see Column 2, lines 
41-52 and also Column 5 lines 2-10). 

wherein the access manager is configured to require that the requester the 
private key to access a secured electronic file (see Column 2, lines 51-52), and wherein 
the secured electronic file was previously secured using the public key of the at least 
one of the cryptographic key pairs (See Column 2, lines 55-56). 

Baltzley directly encrypt the electronic file using the public key and therefore 
does not teach that a data portion of the secured electronic file was previously secured 
using a document key and wherein the document key was previously secured by the 
public key of the cryptographic key pair. 

However, hybrid encryption was well-known at the time invention was made. 
Angelo discloses encrypting the message using a document key and the encrypting the 
document key using a public key (see, Column 3, lines 13-22). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to use, instead of public key directly encrypting the documents in 
the system of Baltzley, the technique of hybrid encryption as taught by Angelo because 
encrypting the message with the symmetric algorithm is faster then asymmetric 
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algorithm and using public key just to encrypt the document key reduces the chances 
for plaintext attacks. In other words, hybrid encryption provides the security of public- 
key encryption at the same time processing messages faster then asymmetric 
encryption by using symmetric key for data encryption. 

Baltzley does not disclose a cryptographic key that pertains to a predetermined 

time. 

Batten-Carew discloses a method and apparatus for controlling release of time- 
sensitive information is accomplished by a server that establishes access information 
for a specific future time as passed (abstract). The method includes at least one of the 
cryptographic key pairs pertaining to a predetermined time (column 3 lines 40-47); key 
pairs pertaining to the predetermined time is permitted to be provided to a requester 
based on a current time (Fig. 3), wherein the requester requires the private key of the at 
least one of the cryptographic key pairs pertaining to the predetermined time to access 
a secured electronic file (column 3 lines 48-55), and wherein the secured electronic file 
was previously secured using the public key of the at least one of the cryptographic key 
pairs pertaining to the predetermined time (Fig. 1). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to use the time-based key of Batten-Carew in the system of 
Baltzley. One of ordinary skill in the art would have been motivated to do this because 
the method of Batten- Carew would allow time-sensitive information to be released at 
any time and accessed only at a specific future time based on the release of access 
information relating to the specific future time (column 2 lines 29-33). 
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The combination of Baltzley, Angelo, and Batten-Carew discloses encrypting the 
document with a document key and encrypting the document key with the public key of 
at least one of the cryptographic key pairs pertaining to the predetermined time. 
However, the combination does not explicitly discloses encrypted header including the 
encrypted document key and encrypted access rules for the secured electronic file, the 
access rules for further protecting the document key and provide restrictive access to 
the data. 

However, Narasimhalu discloses an encrypted header with encrypted document 
key (see, Fig. 2, Numeral 41 and also Column 5, lines 43-52, "The header 35 further 
comprises a plurality of fields: a medium signature 36, an access window 37 (AW), total 
number of legal accesses allowed 38 (TAL), the number of legal accesses left 39 (LAL), 
and TAL number of encryption /decryption keys 41 (K i to Ktai )." and also Column 6, 
lines 37-44, "By concatenating AW 37, TAL 38, LAL 39, Ki to K T al 41 , and medium 
signature 36 as illustrated in FIG. 2, the header 35 is then encrypted in step 68 using 
the public key DPK of the information consumer's access device.") and encrypted 
access rules (see, Fig. 2, Numerals 37, 38, 39 and 36 and also Column 5, lines 43-52, 
"The header 35 further comprises a plurality of fields: a medium signature 36, an access 
window 37 (AW), total number of legal accesses allowed 38 (TAL), the number of legal 
accesses left 39 (LAL), and TAL number of encryption /decryption keys 41 (Ki to K T al)-" 
and also Column 6, lines 37-44, "By concatenating AW 37, TAL 38, LAL 39, K 1 to K T al 
41 , and medium signature 36 as illustrated in FIG. 2, the header 35 is then encrypted in 
step 68 using the public key DPK of the information consumer's access device."), the 
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access rules for further protecting the document key and provide restrictive access to 
the data portion (see, Column 7, lines 29-65, "Next in step 90, the Controller 45 checks 
whether there are any legal access left by testing the value of LAL 38 for zero. If there 
are no legal accesses left, the value of LAL 38=0 and an evade processing module is 
invoked in step 92 which either denies the information access or erases the contents of 
the medium. The specific action depends on a particular embodiment of the invention. 
Should the value of LAL be greater than zero, then the Controller 45 compares in step 
94 the value of the access window AW 37 with the time of the clock 55. If the current 
time falls outside of the boundary of the AW 37, the evade processing module in step 92 
is invoked. Otherwise, the Controller 45 checks in step 96 whether the medium 
signature 36 corresponds with the signature read from the input channel 27 and that of 
the output channel 29. If the medium signature 36 does not match, the sealed COIN is 
stored on a copied medium. An evade processing module as in step 92 is invoked. 
Otherwise, the Controller 45 confirms that the Information Consumer 30 has a right to 
access the sealed COIN on the distribution medium... After the Controller 45 determines 
that the Information Consumer 30 has a right to access the sealed COIN on the 
distribution medium in FIG. 5A, the controller extracts in step 95 the encryption 
/decryption key K T al-lal+i from the header 35.") 

Therefore, it would have been obvious at the time invention was made to a 
person of ordinary skill in the art to place the document key of the combined system of 
Baltzley, Angelo, and Batten-Carew into a header and further append access rules as 
taught by Narasimhalu with document key into the header because "Digital information 
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is structured logically to incorporate usage history and allowable access window before 
it is encrypted in a header portion and a body portion. The end user accesses the digital 
information with a tamper-proof controlled information access device by decrypting the 
digital information. A controller disposed in the controlled information access device 
permits end users to access transparently uncontrolled information." (see, Column 2, 
line 59-67). 

Regarding Claim 2, the rejection of claim 1 is incorporated and Baltzley does not 
teach an access manager is configured to provide the private key of the at least one of 
the cryptographic key pairs pertaining to the predetermined time to the requester in 
response to determining that the predetermined time is earlier than or equal to the 
current time. 

Batten-Carew discloses a system, wherein said access manager only provides 
the private key of the at least one of the cryptographic key pairs pertaining to the 
predetermined time to the requester in response to determining that the predetermined 
time is earlier than or equal to the Current time (Fig. 3). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to use the time-based key of Batten-Carew in the system of 
Baltzley. One of ordinary skill in the art would have been motivated to do this because 
the method of Batten- Carew would allow time-sensitive information to be released at 
any time and accessed only at a specific future time based on the release of access 
information relating to the specific future time (column 2 lines 29-33). 
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Regarding Claim 3, the rejection of claim 1 is incorporated and Baltzley further 
discloses wherein the requester is a client module that is configured to operatively 
connect to said access manager over a network (see Figs. 3 and 4). 

Regarding Claim 4, the rejection of claim 1 is incorporated and Baltzley does not 
discloses a system wherein said document security system further comprises: at least 
one client module, said client module assists a user in selecting the predetermined time, 
and said client module secures the electronic file using the public key of the at least one 
of the cryptographic key pairs pertaining to the predetermined time so as to provide a 
time-based access restriction to the electronic file. 

Batten-Carew discloses a system wherein a document security system further 
comprises: at least one client module, said client module configured to select the 
predetermined time and secure the electronic file using the public key of the at least one 
of the cryptographic key pairs pertaining to the predetermined time so as to provide a 
time-based access restriction to the electronic file (Fig. 4). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to use the time-based key of Batten-Carew in the system of 
Baltzley. One of ordinary skill in the art would have been motivated to do this because 
the method of Batten- Carew would allow time-sensitive information to be released at 
any time and accessed only at a specific future time based on the release of access 
information relating to the specific future time (column 2 lines 29-33). 

Regarding Claim 5, the rejection of claim 4 is incorporated and Baltzley does not 
disclose wherein said client module further assists in unsecuring the secured electronic 
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file by acquiring the private key of the at least one of the cryptographic key pairs that 
pertaining to the predetermined time from said key store, and then unsecure the 
secured electronic file using the private key that pertaining to the predetermined time 
Batten-Carew discloses a system wherein said client module further assists in 
unsecuring the secured electronic file by acquiring the private key of the at least one of 
the cryptographic key pairs that pertaining to the predetermined time from said key 
store, and then unsecuring the secured electronic file using the private key of the at 
least one of the cryptographic key pairs that pertaining to the predetermined time (Fig. 3 
and Fig. 4). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to use the time-based key of Batten-Carew in the system of 
Baltzley. One of ordinary skill in the art would have been motivated to do this because 
the method of Batten- Carew would allow time-sensitive information to be released at 
any time and accessed only at a specific future time based on the release of access 
information relating to the specific future time (column 2 lines 29-33). 

Claims 6-22 and 26-31 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over En-Seunq et al.(US 6.892.306 B1 ). hereinafter. "En-Seunq" in view of 
Narasimhalu and Batten-Carew. 

Regarding Claims 6, 26 and 29, En-Seung discloses an apparatus, a 
corresponding method and a corresponding computer program for controlling release of 
time-sensitive information, said method comprising: 
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Identifying an electronic document to be secured, the electronic document having 
at least a data portion that contains data (see, Column 5, lines 57-61); 
generating a access key (see Column 9, lines 9-11); 

securing the data portion of the electronic document through use a document key 
to produce a secured electronic document (see Column 3, lines 14-22 and see Figs. 10 
and also Column 5, lines 19-27); 

storing the document key in the header portion of the electronic document (see, 
Column 5, lines 6-8); 

securing the header portion of the electronic document through the use of the 
user key (see, Column 5, lines 6-8) 

storing the secured electronic document (see Column 6, lines 54-59). 

En-Seung discloses a header portion containing the document key but does not 
explicitly discloses that the header portion is encrypted and contains both encrypted 
document key and encrypted access rules wherein the access rules are provided for 
further protecting the document key and provide restrictive access to the data. 

However, Narasimhalu discloses an encrypted header with encrypted document 
key (see, Fig. 2, Numeral 41 and also Column 5, lines 43-52, "The header 35 further 
comprises a plurality of fields: a medium signature 36, an access window 37 (AW), total 
number of legal accesses allowed 38 (TAL), the number of legal accesses left 39 (LAL), 
and TAL number of encryption /decryption keys 41 (K i to Ktai )." and also Column 6, 
lines 37-44, "By concatenating AW 37, TAL 38, LAL 39, Ki to K T al 41 , and medium 
signature 36 as illustrated in FIG. 2, the header 35 is then encrypted in step 68 using 



Application/Control Number: 1 0/676,850 Page 1 1 

Art Unit: 2435 

the public key DPK of the information consumer's access device.") and encrypted 
access rules (see, Fig. 2, Numerals 37, 38, 39 and 36 and also Column 5, lines 43-52, 
"The header 35 further comprises a plurality of fields: a medium signature 36, an access 
window 37 (AW), total number of legal accesses allowed 38 (TAD, the number of legal 
accesses left 39 (LAL), and TAL number of encryption /decryption keys 41 (Ki to Ktal)-" 
and also Column 6, lines 37-44, "By concatenating AW 37, TAL 38, LAL 39, K 1 to K T al 
41 , and medium signature 36 as illustrated in FIG. 2, the header 35 is then encrypted in 
step 68 using the public key DPK of the information consumer's access device."), the 
access rules for further protecting the document key and provide restrictive access to 
the data portion (see, Column 7, lines 29-65, "Next in step 90, the Controller 45 checks 
whether there are any legal access left by testing the value of LAL 38 for zero. If there 
are no legal accesses left, the value of LAL 38=0 and an evade processing module is 
invoked in step 92 which either denies the information access or erases the contents of 
the medium. The specific action depends on a particular embodiment of the invention. 
Should the value of LAL be greater than zero, then the Controller 45 compares in step 
94 the value of the access window AW 37 with the time of the clock 55. If the current 
time falls outside of the boundary of the AW 37, the evade processing module in step 92 
is invoked. Otherwise, the Controller 45 checks in step 96 whether the medium 
signature 36 corresponds with the signature read from the input channel 27 and that of 
the output channel 29. If the medium signature 36 does not match, the sealed COIN is 
stored on a copied medium. An evade processing module as in step 92 is invoked. 
Otherwise, the Controller 45 confirms that the Information Consumer 30 has a right to 
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access the sealed COIN on the distribution medium... After the Controller 45 determines 
that the Information Consumer 30 has a right to access the sealed COIN on the 
distribution medium in FIG. 5A, the controller extracts in step 95 the encryption 
/decryption key K T al-lal + i from the header 35.") 

Therefore, it would have been obvious at the time invention was made to a 
person of ordinary skill in the art to place the document key of the combined system of 
Baltzley, Angelo, and Batten-Carew into a header and further append access rules as 
taught by Narasimhalu with document key into the header because "Digital information 
is structured logically to incorporate usage history and allowable access window before 
it is encrypted in a header portion and a body portion. The end user accesses the digital 
information with a tamper-proof controlled information access device by decrypting the 
digital information. A controller disposed in the controlled information access device 
permits end users to access transparently uncontrolled information." (see, Column 2, 
line 59-67). 

The combination of En-Seung and Narasimhalu discloses user key that encrypt 
document key and document key in the header that encrypts the contents. However, 
En-Seung does not explicitly disclose that the user key is a time-based access key. 

Batten-Carew discloses a method and apparatus for controlling release of time- 
sensitive information is accomplished by a server that establishes access information 
for a specific future time as passed (abstract). Batten-Carew discloses using time-based 
access key for the predetermined time (Column 3, lines 34-40). 
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At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to use the time-based key of Batten-Carew in the combined 
system of En-Seung and Narasimhalu. One of ordinary skill in the art would have been 
motivated to do this because the method of Batten- Carew would allow time-sensitive 
information to be released at any time and accessed only at a specific future time based 
on the release of access information relating to the specific future time (column 2 lines 
29-33). 

Regarding Claims 7 and 27, Batten-Carew discloses a method wherein the time- 
based access key has an access time associated therewith (column 3 lines 4-23'). 

Regarding Claims 8 and 28, Batten-Carew discloses a method wherein said 
method further comprises: storing the time-based access key at a remote key store, and 
wherein the time-based access key is subsequently retrievable from the remote key 
store only if the current time equal to or later than the access time associated with the 
time-based access key (Fig. 1 and Fig. 3). 

Regarding Claim 9, Batten-Carew discloses a method wherein said method is 
performed on a client machine that operatively receives the time-based access key from 
the remote key store over a network (Fig. 1 and column 3 lines 32-35). 

Regarding Claims 10 and 30, En-Seung discloses a method and a 
corresponding computer program for restricting access to an electronic document, said 
method comprising: 
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Identifying an electronic document (digital information) to be secured, the 
electronic document to be secured, the electronic document having at least a data 
portion that contains data (Column 5, lines 57-61); 

obtaining a document key (See Column 3, lines 25-28, "temporary validation 

key"); 

encrypting the data portion of the electronic document using the document key to 
produce an encrypted data potion (see Column 3, lines 25-28); 

obtaining an access key (See Column 3, lines 14-22, user key); 

storing the access key in the header portion (see, Column 5, lines 6-8); 

encrypting the document key using an access key to produce an encrypted 
document key (see Column 3, lines 14-22, temporary validation key in the header is 
encrypted using user key); 

storing the encrypted document key in the header portion (see, Column 5, lines 

6-8); 

forming a secured electronic document from at least the encrypted data portion 
and the header (see Figs. 10 and also Column 5, lines 6-8). 

storing the secured electronic document (see Column 6, lines 54-59) 

En-Seung discloses a header portion containing the document key but does not 
explicitly discloses that the header portion includes encrypted document key along with 
encrypted access rules for the electronic document and wherein the access rules are 
provided for further protecting the document key. 

and provide restrictive access to the data. 
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However, Narasimhalu discloses an encrypted header with encrypted document 
key (see, Fig. 2, Numeral 41 and also Column 5, lines 43-52, "The header 35 further 
comprises a plurality of fields: a medium signature 36, an access window 37 (AW), total 
number of legal accesses allowed 38 (TAL), the number of legal accesses left 39 (LAL), 
and TAL number of encryption /decryption keys 41 (K i to Ktai )." and also Column 6, 
lines 37-44, "By concatenating AW 37, TAL 38, LAL 39, Ki to K T al 41 , and medium 
signature 36 as illustrated in FIG. 2, the header 35 is then encrypted in step 68 using 
the public key DPK of the information consumer's access device.") and encrypted 
access rules (see, Fig. 2, Numerals 37, 38, 39 and 36 and also Column 5, lines 43-52, 
"The header 35 further comprises a plurality of fields: a medium signature 36, an access 
window 37 (AW), total number of legal accesses allowed 38 (TAL), the number of legal 
accesses left 39 (LAL), and TAL number of encryption /decryption keys 41 (Ki to K TA l)-" 
and also Column 6, lines 37-44, "By concatenating AW 37, TAL 38, LAL 39, Ki to K T al 
41 , and medium signature 36 as illustrated in FIG. 2, the header 35 is then encrypted in 
step 68 using the public key DPK of the information consumer's access device."), the 
access rules for further protecting the document key and provide restrictive access to 
the data portion (see, Column 7, lines 29-65, "Next in step 90, the Controller 45 checks 
whether there are any legal access left by testing the value of LAL 38 for zero. If there 
are no legal accesses left, the value of LAL 38=0 and an evade processing module is 
invoked in step 92 which either denies the information access or erases the contents of 
the medium. The specific action depends on a particular embodiment of the invention. 
Should the value of LAL be greater than zero, then the Controller 45 compares in step 
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94 the value of the access window AW 37 with the time of the clock 55. If the current 
time falls outside of the boundary of the AW 37, the evade processing module in step 92 
is invoked. Otherwise, the Controller 45 checks in step 96 whether the medium 
signature 36 corresponds with the signature read from the input channel 27 and that of 
the output channel 29. If the medium signature 36 does not match, the sealed COIN is 
stored on a copied medium. An evade processing module as in step 92 is invoked. 
Otherwise, the Controller 45 confirms that the Information Consumer 30 has a right to 
access the sealed COIN on the distribution medium... After the Controller 45 determines 
that the Information Consumer 30 has a right to access the sealed COIN on the 
distribution medium in FIG. 5A, the controller extracts in step 95 the encryption 
/decryption key K T al-lal+i from the header 35.") 

Therefore, it would have been obvious at the time invention was made to a 
person of ordinary skill in the art to place the document key of the combined system of 
Baltzley, Angelo, and Batten-Carew into a header and further append access rules as 
taught by Narasimhalu with document key into the header because "Digital information 
is structured logically to incorporate usage history and allowable access window before 
it is encrypted in a header portion and a body portion. The end user accesses the digital 
information with a tamper-proof controlled information access device by decrypting the 
digital information. A controller disposed in the controlled information access device 
permits end users to access transparently uncontrolled information." (see, Column 2, 
line 59-67). 
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The combination of En-Seung and Narasimhalu discloses user key that encrypt 
document key and document key that encrypts the contents. However, En-Seung does 
not explicitly disclose that the user key is a time-based access key. 

Batten-Carew discloses a method and apparatus for controlling release of time- 
sensitive information is accomplished by a server that establishes access information 
for a specific future time as passed (abstract). Batten-Carew discloses using time-based 
access key (Column 3, lines 34-40). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to use the time-based key of Batten-Carew in the combined 
system of En-Seung and Narasimhalu. One of ordinary skill in the art would have been 
motivated to do this because the method of Batten- Carew would allow time-sensitive 
information to be released at any time and accessed only at a specific future time based 
on the release of access information relating to the specific future time (column 2 lines 
29-33). 

Regarding Claim 11, the combination of En-Seung, Narasimhalu and Batten- 
Carew further discloses wherein encrypting the document key comprises encrypting the 
document key using a public time-based access key (see Batten-Carew, Column 3, 
lines 48-64 as combined with Narasimhalu) 

Regarding Claim 12, the combination of En-Seung, Narasimhalu and Batten- 
Carew further discloses wherein encrypting the document key comprises encrypting the 
document key using a time-based access key that has an access time associated 
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therewith (see Batten-Carew, column 3 lines 4-23 and Fig. 2 as combined with 
Narasimhalu) 

Regarding Claim 13, the combination of En-Seung, Narasimhalu and Batten- 
Carew further discloses wherein obtaining a time-based access key comprises 
obtaining a time-based access key that is available from a remote key store when the 
current time is equal to or greater than the access time associated with the time-based 
access key (see Batten-Carew, Fig. 3). 

Regarding Claim 14, the combination of En-Seung, Narasimhalu and Batten- 
Carew further discloses obtaining a time-based access key comprises obtaining a time- 
based access key that specifies an access time as a specified day of a year and further 
comprising obtaining a different unique time-based access keys for a plurality of 
different days of the year (see Batten-Carew, Fig. 2). 

Regarding Claim 15, the combination of En-Seung, Narasimhalu and Batten- 
Carew further discloses further discloses wherein said method is performed on a client 
machine that operatively receives the time-based access key from the remote key store 
over a network (see Batten-Carew, Fig. 1 and Column 3 lines 32-35). 

Regarding Claims 16 and 31, En-Seung discloses a method and a 
corresponding computer program for providing a secured electronic document to a 
requester, the secured electronic document having at least a header portion, having an 
encrypted document key and access rules, and an encrypted data portion (see, Fig. 10), 
said method comprising: 
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obtaining an access key (See Fig. 21 A, Numeral S430, and also Column 3, lines 
14-22, user key); 

decrypting the document key using the time-based access key (see, Column 15, 
lines 63-67); 

En-Seung discloses a header portion containing the document key but does not 
explicitly discloses that the header portion also includes encrypted access rules that 
needs to be decrypted wherein the access to the document key being subject to 
protection by the access rules. 

and provide restrictive access to the data. 

However, Narasimhalu discloses an encrypted header with encrypted document 
key (see, Fig. 2, Numeral 41 and also Column 5, lines 43-52, "The header 35 further 
comprises a plurality of fields: a medium signature 36, an access window 37 (AW), total 
number of legal accesses allowed 38 (TAL), the number of legal accesses left 39 (LAL), 
and TAL number of encryption /decryption keys 41 (K i to Ktai )." and also Column 6, 
lines 37-44, "By concatenating AW 37, TAL 38, LAL 39, Ki to K TA l 41 , and medium 
signature 36 as illustrated in FIG. 2, the header 35 is then encrypted in step 68 using 
the public key DPK of the information consumer's access device.") and encrypted 
access rules (see, Fig. 2, Numerals 37, 38, 39 and 36 and also Column 5, lines 43-52, 
"The header 35 further comprises a plurality of fields: a medium signature 36, an access 
window 37 (AW), total number of legal accesses allowed 38 (TAL), the number of legal 
accesses left 39 (LAL), and TAL number of encryption /decryption keys 41 (^ to K TA l)-" 
and also Column 6, lines 37-44, "By concatenating AW 37, TAL 38, LAL 39, K 1 to K T al 
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41 , and medium signature 36 as illustrated in FIG. 2, the header 35 is then encrypted in 
step 68 using the public key DPK of the information consumer's access device."), the 
access rules for further protecting the document key and provide restrictive access to 
the data portion (see, Column 7, lines 29-65, "Next in step 90, the Controller 45 checks 
whether there are any legal access left by testing the value of LAL 38 for zero. If there 
are no legal accesses left, the value of LAL 38=0 and an evade processing module is 
invoked in step 92 which either denies the information access or erases the contents of 
the medium. The specific action depends on a particular embodiment of the invention. 
Should the value of LAL be greater than zero, then the Controller 45 compares in step 
94 the value of the access window AW 37 with the time of the clock 55. If the current 
time falls outside of the boundary of the AW 37, the evade processing module in step 92 
is invoked. Otherwise, the Controller 45 checks in step 96 whether the medium 
signature 36 corresponds with the signature read from the input channel 27 and that of 
the output channel 29. If the medium signature 36 does not match, the sealed COIN is 
stored on a copied medium. An evade processing module as in step 92 is invoked. 
Otherwise, the Controller 45 confirms that the Information Consumer 30 has a right to 
access the sealed COIN on the distribution medium... After the Controller 45 determines 
that the Information Consumer 30 has a right to access the sealed COIN on the 
distribution medium in FIG. 5A, the controller extracts in step 95 the encryption 
/decryption key K T al-lal + i from the header 35.") 

Therefore, it would have been obvious at the time invention was made to a 
person of ordinary skill in the art to place the document key of the combined system of 
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Baltzley, Angelo, and Batten-Carew into a header and further append access rules as 
taught by Narasimhalu with document key into the header because "Digital information 
is structured logically to incorporate usage history and allowable access window before 
it is encrypted in a header portion and a body portion. The end user accesses the digital 
information with a tamper-proof controlled information access device by decrypting the 
digital information. A controller disposed in the controlled information access device 
permits end users to access transparently uncontrolled information." (see, Column 2, 
line 59-67). 

The combination of En-Seung and Narasimhalu further discloses: 

decrypting an encrypted data portion of the secured electronic document using 

the document key to produce a non-encrypted data portion (see, Column 16, lines 10- 

14); and 

supplying the non-encrypted data portion to the requester (see, Fig. 21 B, 
Numeral S470). 

The combination of En-Seung and Narasimhalu discloses user key that encrypt 
document key and document key that encrypts the contents. However, En-Seung does 
not explicitly disclose that the user key is a time-based access key. 

Batten-Carew discloses a method and apparatus for controlling release of time- 
sensitive information is accomplished by a server that establishes access information 
for a specific future time as passed (abstract). Batten-Carew discloses using time-based 
access key (Column 3, lines 34-40). 
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At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to use the time-based key of Batten-Carew in the combined 
system of En-Seung and Narasimhalu. One of ordinary skill in the art would have been 
motivated to do this because the method of Batten- Carew would allow time-sensitive 
information to be released at any time and accessed only at a specific future time based 
on the release of access information relating to the specific future time (column 2 lines 
29-33). 

Regarding Claim 17, the combination of En-Seung, Narasimhalu and Batten- 
Carew further discloses wherein obtaining a time-based access key comprises 
obtaining a time-based access key is identified by an indicator within a header portion of 
the secured electronic document (see, En-Seung Column 15, lines 35-51 as modified by 
Batten-Carew). 

Regarding Claim 18, the combination of En-Seung, Narasimhalu and Batten- 
Carew further discloses wherein obtaining a time based access key comprises obtaining 
a private time-based access key (see Batten-Carew, Column 3, lines 48-64). 

Regarding Claim 19, the combination of En-Seung, Narasimhalu and Batten- 
Carew further discloses wherein obtaining a time-based access key comprises 
acquiring the time-based access key from a server (see Batten-Carew, Fig. 1 and 
Column 3 lines 32-35). 

Regarding Claim 20, the combination of En-Seung, Narasimhalu and Batten- 
Carew further discloses wherein said obtaining of the time-based access key is 
dependent on a current time (see Batten-Carew, column 3 lines 4-23 and Fig. 2). 
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Regarding Claim 21, the combination of En-Seung, Narasimhalu and Batten- 
Carew further discloses wherein the time-based access key is associated with an 
access time, and wherein said obtaining of the time-based access key is permitted 
when the current time is greater than or equal to the access time (see Batten-Carew, 
Fig. 3). 

Regarding Claim 22, the combination of En-Seung, Narasimhalu and Batten- 
Carew further discloses wherein, obtaining a time-based access key comprises 
obtaining the time based access key from a server (see Batten-Carew, Fig. 1 and 
Column 3 lines 32-35). 

Claims 32-34 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
En-Seung in view of Narasimhalu and Batten-Carew and further in view of Sinqhal et 
al. (US 6,851,050 B2), hereinafter "Sinqhal". 

Regarding Claims 32, 33 and 34, the rejections of claims 6, 26 and 29 is 
incorporated and even though the combination of En-Seung, Narasimhalu and Batten- 
Carew discloses generating time-based access key for a predetermined time it does not 
explicitly discloses a step of determining whether a time-based access key is already 
available for a predetermined time, otherwise generating a time-based access key for 
the predetermined time. Batten-Carew is just missing the step of checking to see if the 
time-based access key is already generated and only generate new time-based access 
key if one does not exist. 
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Singhal discloses a condition where prior to generating a key, system check to 
see the key is already generated and only generates a new key if one does not exist 
(see Column 18, lines 30-60). 

Therefore, it would have been obvious at the time the invention was made to one 
of ordinary skill in the art to generate, the time-based access key of the combined 
system of En-Seung, Narasimhalu and Batten-Carew, only if the key doesn't already 
exist. One of ordinary skill in the art would have been motivated to check this condition 
prior to generating new time-based access key in a case where sender is sending more 
then one document and all document are suppose to release on the same time. In such 
a condition it would be appropriate to simply use the same time-based access key 
rather then generating multiple time-based access keys for the same predetermined 
time. 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to YOGESH PALIWAL whose telephone number is 
(571)270-1807. The examiner can normally be reached on M-F 9:00 - 5:00 EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 5712723859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Y. P./ 

Examiner, Art Unit 2435 

/Kimyen Vu/ 
Supervisory Patent Examiner, Art Unit 2435 



